I wanted to integrate a authentification login into the backend of my REST Api.
I installed and configured the LexikJWTAuthenticationBundle in my REST-API backend following this tutorial: https://www.youtube.com/watch?v=XT4oy1d1j-g
The backend is running in the ngnix docker container.
But when I try to generate a token with
curl -X POST -H "Content-Type: application/json" docker-backend.test/api/login_check -d '{"username":"admin@admin.com","password":"1111"}'
I get:
{"code":500,"message":"Unable to create a signed JWT from the given configuration."}
The database Entry of the user is created via Fixtures:
$user = new User();
$user->setEmail('admin@admin.com');
$user->setRoles(['ROLE_USER']);
$user->setPassword(
//encode the password
$this->encoder->encodePassword($user, '1111')
);
$manager->persist($user);
$manager->flush();
The db entry of the Password is:
$argon2i$v=19$m=1024,t=2,p=2$b2hSY2pVYkc0Ym53V09Ucg$LBfYYmXE9/9h3VKkcdxHXwHNOIMgw/G6W89H7SU58Ns
My docker-compose.yaml:
version: "3.1"
services:
mysql:
image: mysql:5.7
#5.7 weil 8.0 eine unbekannte authentifizierungsmethode bei symfony4 hat
container_name: docker-symfony4-mysql
working_dir: /backend
volumes:
- ./backend:/backend
environment:
- MYSQL_ROOT_PASSWORD=secret
- MYSQL_DATABASE=rest-backend
- MYSQL_USER=homestead
- MYSQL_PASSWORD=secret
ports:
- "127.0.3.3:8002:3306"
backend-server:
image: nginx:alpine
container_name: docker-rest-backend-server
working_dir: /backend
volumes:
- ./backend:/backend
- ./phpdocker/nginx/nginx.conf:/etc/nginx/conf.d/default.conf
ports:
- "127.0.3.2:80:80"
depends_on:
- mysql
php-fpm:
build: phpdocker/php-fpm
container_name: docker-rest-php-fpm
working_dir: /backend
volumes:
- ./backend:/backend
- ./phpdocker/php-fpm/php-ini-overrides.ini:/etc/php/7.2/fpm/conf.d/99-overrides.ini
depends_on:
- mysql
frontend-server:
image: nginx:alpine
container_name: docker-rest-frontend-server
working_dir: /frontend
volumes:
- ./frontend:/frontend
- ./phpdocker/nginx-frontend/nginx.conf:/etc/nginx/conf.d/default.conf
ports:
- "127.0.3.1:80:80"
depends_on:
- mysql
security.yaml
security:
encoders:
App\Entity\User:
algorithm: argon2i
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: true
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
lexik_jwt_authentication.yaml
lexik_jwt_authentication:
secret_key: '%kernel.project_dir%/config/jwt/private.pem'
public_key: '%kernel.project_dir%/config/jwt/public.pem'
pass_phrase: '%env(JWT_PASSPHRASE)%'
token_ttl: 3600
routes.yaml
api_login_check:
path: /api/login_check
.env
[...]
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=8e5433ff410b05fe7dbb26ef6cdf9bae
If you need to look at other code, which isn't posted here, have a look at my Repo: https://github.com/beerfekt/REST-API-Backend-Docker
I tried a lot of solutions and searched a lot of sites, but nothing worked.
I solved it with the solution given in https://github.com/lexik/LexikJWTAuthenticationBundle/issues/532 :
My Passphrase in the .env file was not the same like the phrase of the generated keys in (Verifying - Enter pass phrase for config/jwt/private.pem:).
Now the Token is generated successfully.